package com.powerhua.privilege.logic.impl;

import org.apache.log4j.Logger;

import com.powerhua.privilege.PrivilegeUtils;
import com.powerhua.privilege.domain.Privilege;
import com.powerhua.privilege.logic.SecurityManager;

public class SecurityManagerImpl implements SecurityManager {
	
	private static final Logger logger = Logger.getLogger(SecurityManagerImpl.class);

	public boolean accessCheck(String userId, String opValue, String resValue) {
		
		logger.info("=== get permission by operation and resource value.");
		Privilege pm = PrivilegeUtils.getPmDao().findPmByOpResValue(opValue, resValue);
		
		logger.info("=== check user permission.");
		if(PrivilegeUtils.getPmDao().accessCheckPmWithUser(userId, pm.getId())) {
			return true;
		}
		
		logger.info("=== check user_role permission.");
		if(PrivilegeUtils.getPmDao().accessCheckPmWithUserRole(userId, pm.getId())) {
			return true;
		}
		
		logger.info("=== check user_group_role permission.");
		if(PrivilegeUtils.getPmDao().accessCheckPmWithUserGroupRole(userId, pm.getId())) {
			return true;
		}
		
		logger.info("=== check user_position_org_group_role permission.");
		if(PrivilegeUtils.getPmDao().accessCheckPmWithUserPositionOrgGroupRole(userId, pm.getId())) {
			return true;
		}
		
		logger.info("=== user no the permission, return false.");
		return false;
	}

}
